Azure API Management - Subscription keys for Applications?

2
votes

I've been playing around with API Management and it looks great. The only issue I have is that when calling an API you need to pass a subscription key, which is linked to a 'User'. In the majority of use cases the caller of our APIs are Applications (back-end services).

Am I supposed to be creating a User account per Application, or is there another way for me to obtain a security key for the App?

I have had a brief look at AD, however I don't want to go down that route straight away.

Thanks

1
azureazure-api-appsazure-api-management

1 Answers

3
votes

You can create a single "API Consumer" user and use the key assigned to that user for all your back end services. Or you could create a separate user for each of your services. But creating a separate user you would have the ability to independently revoke access to certain services and control rate limiting/quotas independently.